Executive Summary

Informations
Name CVE-2015-0296 First vendor Publication 2017-10-06
Vendor Cve Last vendor Modification 2017-11-01

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
Overall CVSS Score 4.7
Base Score 4.7 Environmental Score 4.7
impact SubScore 3.6 Temporal Score 4.7
Exploitabality Sub Score 1
 
Attack Vector Local Attack Complexity High
Privileges Required None User Interaction Required
Scope Unchanged Confidentiality Impact None
Integrity Impact High Availability Impact None
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:H/Au:N/C:N/I:P/A:N)
Cvss Base Score 1.2 Attack Range Local
Cvss Impact Score 2.9 Attack Complexity High
Cvss Expoit Score 1.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The pre-install script in texlive 3.1.20140525_r34255.fc21 as packaged in Fedora 21 and rpm, and texlive 6.20131226_r32488.fc20 and rpm allows local users to delete arbitrary files via a crafted file in the user's home directory.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0296

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-264 Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2

Nessus® Vulnerability Scanner

Date Description
2015-04-09 Name : The remote Fedora host is missing a security update.
File : fedora_2015-4872.nasl - Type : ACT_GATHER_INFO
2015-04-03 Name : The remote Fedora host is missing a security update.
File : fedora_2015-4332.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/72826
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1197082
FEDORA http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154198.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154424.html
MLIST http://www.openwall.com/lists/oss-security/2015/02/27/6

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2020-05-23 00:43:25
  • Multiple Updates
2017-11-01 17:20:52
  • Multiple Updates
2017-10-07 05:22:38
  • First insertion